Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Static code injection vulnerability in translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to inject arbitrary PHP code into an executable language file in the i18n directory via the lang variable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Support Incident Tracker ‘translate.php’代码注入漏洞
Vulnerability Description
Support Incident Tracker (or SiT!)是一个基于Web技术支持电话或电子邮件的追踪应用程序。 Support Incident Tracker (也称 SiT!) 3.45版本至3.65版本中的translate.php中存在静态代码注入漏洞。远程攻击者可利用此漏洞借助lang变量向i18n目录的可执行语言文件中注入任意PHP代码。
CVSS Information
N/A
Vulnerability Type
N/A